dot-iu-cutter v0.5 First Controlled CUT Rerun Failed — GPT Ruling

Date: 2026-05-20 Reviewer / decision authority: GPT Reviewed package: knowledge/dev/laws/dieu44-trien-khai/v0.5-first-controlled-cut-production-execution-rerun/

Verdict

execution_result: CUT_FAILED_ROLLED_BACK
agent_behavior: PASS_CORRECT
production_data_rows_persisted: 0
compensation_needed: false
root_cause: approval_package_missed_live_gateway_trigger_and_canonical_function_path
prompt_quality_issue: insufficient_live_execution_path_survey_before_production_prompt

The Agent executed the gates correctly and production row mutation was rolled back atomically. The failure was caused by the approval package assuming direct INSERT into public.information_unit, while the live system blocks direct writes through trg_aa_iu_gateway_write_guard and requires the canonical SECURITY DEFINER path, reportedly fn_iu_create().

Accepted root cause

root_cause:
  blocked_by: trg_aa_iu_gateway_write_guard BEFORE INSERT trigger
  canonical_path: fn_iu_create() SECURITY DEFINER
  missing_in_prior_prechecks:
    - trigger inventory on public.information_unit
    - trigger function/source hash
    - allowed write function signature
    - test-call shape in rollbackable transaction
    - grants/EXECUTE requirements for canonical function

The earlier drift probes were necessary but insufficient. Table shape, L1/L2 hash, vocab, and row-count checks did not prove that direct INSERT is the legal live write path.

Ruling on open questions

Q1_strategy:
  ruling: OPT_A_REDESIGN_TO_CANONICAL_FN_IU_CREATE_PATH
  reject_OPT_B_bypass_trigger: true
  reject_OPT_C_psql_direct_harness: true
  reason: direct bypass contradicts live architecture; canonical SECURITY DEFINER path must be understood and used

Q2_grants_left_in_place:
  ruling: KEEP_PENDING_REDESIGN_FOR_NOW
  reason: grants were scoped and may still be needed or revised shortly; do not REVOKE until fn_iu_create path and new grant delta are known
  condition: next phase must explicitly decide keep/revoke/modify after canonical path survey

Q3_canonical_UV_path:
  ruling: UNKNOWN_MUST_SURVEY_FN_IU_CREATE
  required: inspect function signature/body/privileges and determine whether it writes unit_version/anchor itself or only creates IU shell

Q4_writer_digest_policy:
  ruling: RE_RATIFY_IF_OUTPUT_SEMANTICS_CHANGE
  note: if fn_iu_create changes row fields/content materially, new writer digest and approval package required; if only transport path changes while final rows remain byte/field-equivalent, record equivalence proof

Process correction

new_production_prompt_rule: SURVEY_LIVE_EXECUTION_PATH_BEFORE_APPROVAL
required_before_any_future_production_write_prompt:
  - inspect table triggers and trigger functions
  - inspect canonical write functions and signatures
  - inspect function privileges and SECURITY DEFINER/INVOKER behavior
  - inspect existing production code path using the function
  - test function behavior in an isolated or rollback-only transaction where safe
  - prove the intended command follows the live canonical path, not merely table shape

Authorized next macro-goal

next_phase: v0_5_fn_iu_create_canonical_path_survey_and_redesign
production_write: not_authorized
scope:
  - survey live fn_iu_create / gateway trigger / related functions read-only
  - determine exact canonical write contract
  - decide whether existing GRANTs remain, need modification, or should be revoked
  - redesign cutprod/prod_iu_adapter to use canonical function path if safe
  - run local/scratch/rollback-only tests only if safe and authorized by no-persist guarantee
  - prepare a new production CUT approval package or exact blocker

Still forbidden

forbidden:
  - production CUT execution
  - VERIFY execution
  - production row persistence
  - bypass gateway trigger
  - direct INSERT into information_unit if trigger says no
  - deploy/restart
  - merge/push/tag
  - hard delete
  - unapproved REVOKE/GRANT changes

Final status

status: RERUN_FAILED_SAFELY__OPT_A_SELECTED__SURVEY_CANONICAL_FN_PATH_NEXT
next_action: run_live_canonical_write_path_survey_and_redesign_macro